Introduction

plorinavethq ("we," "us," or "our") operates the website plorinavethq.com and provides machine learning portfolio cluster analysis services. This privacy policy explains how we collect, use, store, and protect your personal data when you use our platform.

We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy was last updated in January 2025 to reflect current practices and regulatory requirements.

Information We Collect

Personal Information

When you register for our services or contact us, we may collect:

• Your name and email address
• Company information and job title
• Phone number and postal address
• Professional background and investment experience
• Payment information processed through secure third-party providers

Technical Data

Our platform automatically collects certain technical information:

• IP address and browser information
• Device type and operating system
• Pages visited and time spent on our platform
• Cookies and similar tracking technologies
• Usage patterns and feature interactions

Financial Data

For our portfolio analysis services, we may process anonymised financial data that you choose to upload. This data is used solely for analysis purposes and is never shared with third parties.

How We Use Your Information

We process your personal data for the following purposes:

• Providing our machine learning portfolio analysis services
• Creating and maintaining your user account
• Communicating about service updates and educational content
• Processing payments and managing subscriptions
• Improving our platform based on usage analytics
• Complying with legal obligations and regulatory requirements
• Preventing fraud and ensuring platform security

Legal Basis for Processing

Under UK GDPR, we process your personal data based on the following legal grounds:

• Contract: Processing necessary to provide our services to you
• Legitimate Interest: Improving our platform and preventing fraud
• Consent: Marketing communications and optional features
• Legal Obligation: Compliance with financial regulations and tax requirements

You have the right to withdraw consent at any time where we rely on consent as the legal basis for processing.

Data Sharing and Third Parties

We may share your information with carefully selected third parties in limited circumstances:

Service Providers

• Payment processors for subscription management
• Cloud hosting providers for data storage and processing
• Email service providers for communications
• Analytics providers to understand platform usage

Legal Requirements

We may disclose information when required by law, court order, or to protect our legal rights and those of our users. This includes cooperation with law enforcement and regulatory bodies.

All third-party service providers are required to maintain appropriate security measures and use your data only for the specific purposes we've authorised.

Your Rights Under UK GDPR

As a data subject, you have several important rights regarding your personal information:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Correct inaccurate or incomplete information
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Rights Related to Automated Decision Making: Protection against solely automated decisions

Data Security and Protection

We take data security seriously and have implemented comprehensive measures to protect your information:

Technical Safeguards

• End-to-end encryption for data transmission
• Secure server infrastructure with regular security updates
• Multi-factor authentication for account access
• Regular security audits and penetration testing
• Encrypted data storage with restricted access controls

Organisational Measures

• Staff training on data protection principles
• Access controls limiting who can view personal data
• Regular review of data processing activities
• Incident response procedures for potential data breaches

While we strive to protect your personal information, no method of transmission over the internet is completely secure. We cannot guarantee absolute security but commit to addressing any vulnerabilities promptly.

Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

• Account Information: Retained while your account is active plus 3 years after closure
• Financial Records: Kept for 7 years to comply with UK tax and accounting requirements
• Marketing Data: Retained until you unsubscribe or withdraw consent
• Technical Logs: Automatically deleted after 24 months
• Support Communications: Retained for 2 years for service improvement

When data is no longer needed, we securely delete or anonymise it. Some information may be retained longer if required by law or for legitimate business purposes such as fraud prevention.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your experience and analyse platform usage. We use several types of cookies:

• Essential Cookies: Required for basic platform functionality
• Performance Cookies: Help us understand how visitors use our site
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Used to deliver relevant advertisements (with your consent)

You can manage cookie preferences through your browser settings. However, disabling certain cookies may affect platform functionality. Our cookie banner allows you to control non-essential cookies when you first visit our site.

International Data Transfers

While we primarily process data within the UK, some of our service providers may be located outside the European Economic Area (EEA). When we transfer personal data internationally, we ensure appropriate safeguards are in place:

• Adequacy decisions recognised by the UK government
• Standard Contractual Clauses approved by UK authorities
• Binding Corporate Rules for multinational service providers
• Certification schemes that demonstrate adequate protection

We regularly review our international transfer arrangements to ensure they meet current UK data protection standards.

Children's Privacy

Our services are designed for professional use and are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected data from a child, we will take steps to delete it promptly.

Parents or guardians who believe their child has provided personal information to us should contact us immediately using the details provided below.

Changes to This Policy

We may update this privacy policy periodically to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will:

• Notify registered users via email
• Display a prominent notice on our website
• Update the "last modified" date at the top of this policy
• Provide a summary of key changes where appropriate

We encourage you to review this policy regularly to stay informed about how we protect your information. Continued use of our services after changes become effective indicates acceptance of the updated policy.